This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1. (Currently Amended) A method for providing a secure user interface to a secured 
execution environment on a system comprising said secured execution environment and a 
second execution environment, comprising the steps of: 

accepting user input intended for either said secured execution environment or said 
second execution environment from a user input device; 

determining, based on said user input and not on execution environment selection 
input, whether said user input is intended for said secured execution environment; and 

if said user input is not intended for said secured execution environment, transferring 
said user input to said second execution environment. 

2. (Original) The method of claim 1, where said step of accepting user input from a 
user input device comprises decrypting said user input. 

3. (Original) The method of claim 1, where said step of accepting user input from a 
user input device comprises establishing a secure communications channel with said user 
input. 

4. (Original) The method of claim 1, where said step of accepting user input from a 
user input device comprises verifying said user input. 

5. (Original) The method of claim 1, further comprising: 

if said user input is intended for said secured execution environment, determining a 
specific destination entity in said secured execution environment for said user input; and 
transferring said user input to said specific destination entity. 

6. (Original) The method of claim 5, where said step of determining a specific 
destination entity in said secured execution environment further comprises: 

providing window management functionality for managing at least one graphical user 
interface element owned by said specific destination entity; and 

determining that said user input relates to said graphical user interface element. 

7. (Original) The method of claim 5, where said step of transferring said user input to 
said specific destination entity comprises: 

interpreting said user input. 

8. (Previously Presented) The method of claim 1, further comprising the steps of: 

accepting output from a specific source entity in said secured execution environment; 
and 

securely transferring said output to an output device. 

9. (Original) The method of claim 8, where said step of securely transferring said 
output to said output device comprises: 

encrypting said output data. 

10. (Original) The method of claim 8, where said step of securely transferring said 
output to said output device comprises: 

transferring said output to a curtained memory. 

11. (Currently Amended) A method for providing a secure user interface to a secured 
execution environment on a system comprising said secured execution environment and a 
second execution environment, comprising the steps of: 

accepting output from a specific source entity in -within said secured execution 
environment and not within said second execution environment; and 
securely transferring said output to an output device. 

12. (Previously Presented) The method of claim 11, where said output contains a data 
portion, and where said step of securely transferring said output to said output device 
comprises: 

encrypting said data portion of said output. 

13. (Original) The method of claim 11, where said step of securely transferring said 
output to said output device comprises: 

transferring said output to a curtained memory. 

14. (Currently Amended) A computer-readable storage medium containing computer 
executable instructions to providing provide a secure user interface to a secured execution 
environment on a system comprising said secured execution environment and a second 
execution environment, the computer-executable instructions to perform acts comprising: 

accepting user input intended for either said secured execution environment or said 
second execution environment from a user input device; 

determining, based on said user input and not on execution environment selection 
input, whether said user input is intended for said secured execution environment; and 

if said user input is not intended for said secured execution environment, transferring 
said user input to said second execution environment. 

15. (Previously Presented) The computer-readable storage medium of claim 14, 
where said accepting user input from a user input device comprises decrypting said user 
input. 

16. (Previously Presented) The computer-readable storage medium of claim 14, 
where said accepting user input from a user input device comprises establishing a secure 
communications channel with said user input. 

17. (Previously Presented) The computer-readable storage medium of claim 14, 
where said accepting user input from a user input device comprises verifying said user input. 

18. (Previously Presented) The computer-readable storage medium of claim 14, 
wherein the computer-executable instructions are adapted to perform acts further comprising: 

if said user input is intended for said secured execution environment, determining a 
specific destination entity in said secured execution environment for said user input; and 
transferring said user input to said specific destination entity. 

19. (Previously Presented) The computer-readable storage medium of claim 18, 
where said determining a specific destination entity in said secured execution environment 
further comprises: 

providing window management functionality for managing at least one graphical user 
interface element owned by said specific destination entity; and 

determining that said user input relates to said graphical user interface element. 

20. (Previously Presented) The computer-readable storage medium of claim 18, 
where said transferring said user input to said specific destination entity comprises: 

interpreting said user input. 

21. (Previously Presented) The computer-readable storage medium of claim 14, 
wherein the computer-executable instructions are adapted to perform acts further comprising: 

accepting output from a specific source entity in said secured execution environment; 
and 

securely transferring said output to an output device. 

22. (Previously Presented) The computer-readable storage medium of claim 21, 
where said output contains a data portion, and where said securely transferring said output to 
said output device comprises: 

encrypting said data portion of said output. 

23. (Previously Presented) The computer-readable storage medium of claim 21, 
where said securely transferring said output to said output device comprises: 

transferring said output to a curtained memory. 

24. (Currently Amended) A computer-readable storage medium containing computer 
executable instructions to providing provide a secure user interface to a secured execution 
environment on a system comprising said secured execution environment and a second 
execution environment, the computer-executable instructions to perform acts comprising: 

accepting output from a specific source entity in -within said secured execution 
environment and not within said second execution environment; and 
securely transferring said output to an output device. 

25. (Previously Presented) The computer-readable storage medium of claim 24, 
where said output contains a data portion, and where said step of securely transferring said 
output to said output device comprises: 

encrypting said data portion of said output. 

26. (Previously Presented) The computer-readable storage medium of claim 24, 
where said step of securely transferring said output to said output device comprises: 

transferring said output to a curtained memory. 

27. (Currently Amended) A trusted user interface engine for providing a secure user 
interface to a secured execution environment on a system comprising said secured execution 
environment and a second execution environment, comprising: 

an input trusted service provider accepting user input from a user input device, 
operably connected to said user device; 

a trusted input manager for determining, based on said user input and not on 
execution environment selection input, whether said user input is intended for said secured 
execution environment and, if said user input is not intended for said secured execution 
environment, transferring said user input to said second execution environment. 

28. (Original) The trusted user interface engine of claim 27, where said input trusted 
service provider decrypts said user input. 

29. (Original) The trusted user interface engine of claim 27, where said input trusted 
service provider establishes a secure communications channel with said user input. 

30. (Original) The trusted user interface engine of claim 27, where said input trusted 
service provider verifies said user input. 

31. (Original) The trusted user interface engine of claim 27, where said trusted input 
manager, if said user input is intended for said secured execution environment, determines a 
specific destination entity in said secured execution environment for said user input; and 
where said trusted input manager further transfers said user input to said specific destination 
entity. 

32. (Original) The trusted user interface engine of claim 31, further comprising: 

a trusted window manager that provides window management functionality for 
managing at least one graphical user interface element owned by said specific destination 
entity; and 

where said trusted input manager determines that said user input relates to said 
graphical user interface element. 

33. (Original) The trusted user interface engine of claim 31, where said trusted input 
manager interprets said user input for said specific destination entity. 

34. (Original) The trusted user interface engine of claim 27, further comprising: 

a trusted output manager that accepts output from a specific source entity in said 
secured execution environment; and that securely transfers said output to an output device. 

35. (Previously Presented) The trusted user interface engine of claim 34, where said 
output contains a data portion, and where said trusted output manager encrypts said data 
portion of said output. 

36. (Original) The trusted user interface engine of claim 34, where said trusted output 
manager transfers said output to a curtained memory. 



37. (Currently Amended) A trusted user interface engine for providing a secure user 
interface to a secured execution environment on a system comprising said secured execution 
environment and a second execution environment, comprising: 

a trusted output manager that accepts output from a specific source entity in -within 
said secured execution environment and not within said second execution environment; and 
that securely transfers said output to an output device. 



38. (Previously Presented) The trusted user interface engine of claim 37, where said 
output contains a data portion, and where said trusted output manager encrypts said data 
portion of said output. 

39. (Original) The trusted user interface engine of claim 37, where said trusted output 
manager transfers said output to a curtained memory. 

40. (Original) The trusted user interface engine of claim 37, where said trusted output 
manager comprises: 

a trusted rendering interface providing rendering said output from said specific source 
entity; and where said secure transfer is a transfer of said rendered output. 